CVE-2017-7484
postgresql: Selectivity estimators bypass SELECT privilege checks
Severity Score
7.5
*CVSS v3
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
It was found that some selectivity estimation functions in PostgreSQL before 9.2.21, 9.3.x before 9.3.17, 9.4.x before 9.4.12, 9.5.x before 9.5.7, and 9.6.x before 9.6.3 did not check user privileges before providing information from pg_statistic, possibly leaking information. An unprivileged attacker could use this flaw to steal some information from tables they are otherwise not allowed to access.
Se ha descubierto que algunas funciones de estimación de selectividad en PostgreSQL, en versiones anteriores a la 9.2.21, versiones 9.3.x anteriores a la 9.3.17, versiones 9.4.x anteriores a la 9.4.12, versiones 9.5.x anteriores a la 9.5.7 y versiones 9.6.x anteriores a la 9.6.3, no verificaban los privilegios de usuario antes de ofrecer información de pg_statistic, lo que probablemente implique un filtrado de información. Un atacante sin privilegios podría utilizar este fallo para robar información de tablas a las que, de otra forma, no tendría acceso.
It was found that some selectivity estimation functions did not check user privileges before providing information from pg_statistic, possibly leaking information. A non-administrative database user could use this flaw to steal some information from tables they are otherwise not allowed to access.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2017-04-05 CVE Reserved
- 2017-05-12 CVE Published
- 2023-03-07 EPSS Updated
- 2024-08-05 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
- CWE-285: Improper Authorization
- CWE-862: Missing Authorization
CAPEC
References (12)
| URL | Tag | Source |
|---|---|---|
| http://www.securityfocus.com/bid/98459 | Third Party Advisory | |
| http://www.securitytracker.com/id/1038476 | Vdb Entry |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://www.debian.org/security/2017/dsa-3851 | 2018-01-05 | |
| https://access.redhat.com/errata/RHSA-2017:1677 | 2018-01-05 | |
| https://access.redhat.com/errata/RHSA-2017:1678 | 2018-01-05 | |
| https://access.redhat.com/errata/RHSA-2017:1838 | 2018-01-05 | |
| https://access.redhat.com/errata/RHSA-2017:1983 | 2018-01-05 | |
| https://access.redhat.com/errata/RHSA-2017:2425 | 2018-01-05 | |
| https://security.gentoo.org/glsa/201710-06 | 2018-01-05 | |
| https://www.postgresql.org/about/news/1746 | 2018-01-05 | |
| https://access.redhat.com/security/cve/CVE-2017-7484 | 2017-08-07 | |
| https://bugzilla.redhat.com/show_bug.cgi?id=1448078 | 2017-08-07 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | <= 9.2.20 Search vendor "Postgresql" for product "Postgresql" and version " <= 9.2.20" | - |
Affected
| ||||||
| Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 9.3 Search vendor "Postgresql" for product "Postgresql" and version "9.3" | - |
Affected
| ||||||
| Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 9.3.1 Search vendor "Postgresql" for product "Postgresql" and version "9.3.1" | - |
Affected
| ||||||
| Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 9.3.2 Search vendor "Postgresql" for product "Postgresql" and version "9.3.2" | - |
Affected
| ||||||
| Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 9.3.3 Search vendor "Postgresql" for product "Postgresql" and version "9.3.3" | - |
Affected
| ||||||
| Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 9.3.4 Search vendor "Postgresql" for product "Postgresql" and version "9.3.4" | - |
Affected
| ||||||
| Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 9.3.5 Search vendor "Postgresql" for product "Postgresql" and version "9.3.5" | - |
Affected
| ||||||
| Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 9.3.6 Search vendor "Postgresql" for product "Postgresql" and version "9.3.6" | - |
Affected
| ||||||
| Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 9.3.7 Search vendor "Postgresql" for product "Postgresql" and version "9.3.7" | - |
Affected
| ||||||
| Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 9.3.8 Search vendor "Postgresql" for product "Postgresql" and version "9.3.8" | - |
Affected
| ||||||
| Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 9.3.9 Search vendor "Postgresql" for product "Postgresql" and version "9.3.9" | - |
Affected
| ||||||
| Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 9.3.10 Search vendor "Postgresql" for product "Postgresql" and version "9.3.10" | - |
Affected
| ||||||
| Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 9.3.11 Search vendor "Postgresql" for product "Postgresql" and version "9.3.11" | - |
Affected
| ||||||
| Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 9.3.12 Search vendor "Postgresql" for product "Postgresql" and version "9.3.12" | - |
Affected
| ||||||
| Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 9.3.13 Search vendor "Postgresql" for product "Postgresql" and version "9.3.13" | - |
Affected
| ||||||
| Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 9.3.14 Search vendor "Postgresql" for product "Postgresql" and version "9.3.14" | - |
Affected
| ||||||
| Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 9.3.15 Search vendor "Postgresql" for product "Postgresql" and version "9.3.15" | - |
Affected
| ||||||
| Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 9.3.16 Search vendor "Postgresql" for product "Postgresql" and version "9.3.16" | - |
Affected
| ||||||
| Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 9.4 Search vendor "Postgresql" for product "Postgresql" and version "9.4" | - |
Affected
| ||||||
| Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 9.4.1 Search vendor "Postgresql" for product "Postgresql" and version "9.4.1" | - |
Affected
| ||||||
| Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 9.4.2 Search vendor "Postgresql" for product "Postgresql" and version "9.4.2" | - |
Affected
| ||||||
| Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 9.4.3 Search vendor "Postgresql" for product "Postgresql" and version "9.4.3" | - |
Affected
| ||||||
| Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 9.4.4 Search vendor "Postgresql" for product "Postgresql" and version "9.4.4" | - |
Affected
| ||||||
| Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 9.4.5 Search vendor "Postgresql" for product "Postgresql" and version "9.4.5" | - |
Affected
| ||||||
| Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 9.4.6 Search vendor "Postgresql" for product "Postgresql" and version "9.4.6" | - |
Affected
| ||||||
| Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 9.4.7 Search vendor "Postgresql" for product "Postgresql" and version "9.4.7" | - |
Affected
| ||||||
| Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 9.4.8 Search vendor "Postgresql" for product "Postgresql" and version "9.4.8" | - |
Affected
| ||||||
| Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 9.4.9 Search vendor "Postgresql" for product "Postgresql" and version "9.4.9" | - |
Affected
| ||||||
| Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 9.4.10 Search vendor "Postgresql" for product "Postgresql" and version "9.4.10" | - |
Affected
| ||||||
| Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 9.4.11 Search vendor "Postgresql" for product "Postgresql" and version "9.4.11" | - |
Affected
| ||||||
| Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 9.5 Search vendor "Postgresql" for product "Postgresql" and version "9.5" | - |
Affected
| ||||||
| Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 9.5.1 Search vendor "Postgresql" for product "Postgresql" and version "9.5.1" | - |
Affected
| ||||||
| Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 9.5.2 Search vendor "Postgresql" for product "Postgresql" and version "9.5.2" | - |
Affected
| ||||||
| Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 9.5.3 Search vendor "Postgresql" for product "Postgresql" and version "9.5.3" | - |
Affected
| ||||||
| Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 9.5.4 Search vendor "Postgresql" for product "Postgresql" and version "9.5.4" | - |
Affected
| ||||||
| Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 9.5.5 Search vendor "Postgresql" for product "Postgresql" and version "9.5.5" | - |
Affected
| ||||||
| Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 9.5.6 Search vendor "Postgresql" for product "Postgresql" and version "9.5.6" | - |
Affected
| ||||||
| Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 9.6 Search vendor "Postgresql" for product "Postgresql" and version "9.6" | - |
Affected
| ||||||
| Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 9.6.1 Search vendor "Postgresql" for product "Postgresql" and version "9.6.1" | - |
Affected
| ||||||
| Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 9.6.2 Search vendor "Postgresql" for product "Postgresql" and version "9.6.2" | - |
Affected
| ||||||